<?php 
// admin log in page
//connect to mysql database
require("../storescripts/config.php");
//start session
session_start();

if (isset($_SESSION["manager"])) {
    header("location: index.php"); 
    exit();
}
?>
<?php 
// parse the log in form when the user fills it out and click on login button
if (isset($_POST["username"]) && isset($_POST["password"])) {

	$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]); // filter everything but numbers and letters
    $password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]); // filter everything but numbers and letters 

    $sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); // query the person
    
	// check if person exists in the database
    $existCount = mysql_num_rows($sql); // count the row nums
    if ($existCount == 1) { // evaluate the count
	     while($row = mysql_fetch_array($sql)){ 
             $id = $row["id"];
		 }
		 $_SESSION["id"] = $id;
		 $_SESSION["manager"] = $manager;
		 $_SESSION["password"] = $password;
		 header("location: index.php");
         exit();
    }
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Admin Log In</title>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="../css/style.css" type="text/css" media="screen" />

<!-- start of javascript -->
<script type="text/javascript" language="javascript"> 
// validating forms before processing to a PHP script
function validateMyForm ( ) { 
    var isValid = true;
    
	if ( document.form1.username.value == "" && document.form1.password.value == "" ) { 
	    alert ( "Please enter required fields" ); 
	    isValid = false;
	} 
    return isValid;
}
</script>
<!--end of script -->
</head>

<body>
<!-- Main Shell -->
<div class="shell">
	
  <!-- Header -->
  <div id="header">
    <h1 id="logo"><a href="index.php">Luvo Fashion</a></h1>
  </div>
  <!-- End Header -->
 
  <!-- Main -->
  <div id="main">
  	<div align="center" style="margin-left:20px; padding-top:40px; height:400px;">
	    <h2>Please log in to manage the store</h2>
        <br />
        <br />
        <form id="form1" name="form1" method="post" action="admin_login.php">
        Username: <input name="username" type="text" id="username" size="40" />
        <br /> <br />
        Password: <input name="password" type="password" id="password" size="40" />
        <br /> <br />
        	<input type="submit" name="button" id="button" value="Log In" onclick="javascript:return validateMyForm();" />
        </form>  
	</div>
  </div>
  <!-- End of Main -->
  
  <!-- Footer -->
   <div style="padding-top:5px;" id="footer">
    <p class="left">Admin Log In Page</p>
    <p class="right"> &copy; 2010 Luvo Fashion.</p>
  </div>
  <!-- End of Footer -->

</div>
<!-- End Shell -->
</body>
</html>
